yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-10-28 21:37:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
mbedtls/library
History
Gilles Peskine 7ff812e0d7 Remove a secret-dependent branch in Montgomery multiplication 
In mpi_montmul, an auxiliary function for modular
exponentiation (mbedtls_mpi_mod_exp) that performs Montgomery
multiplication, the last step is a conditional subtraction to force
the result into the correct range. The current implementation uses a
branch and therefore may leak information about secret data to an
adversary who can observe what branch is taken through a side channel.

Avoid this potential leak by always doing the same subtraction and
doing a contant-trace conditional assignment to set the result.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-09 11:50:44 +02:00
..
.gitignore Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
aes.c Zeroize local AES variables before exiting the function 2019-11-12 03:23:51 -05:00
aesni.c Fix build errors on x32 by using the generic 'add' instruction 2016-05-23 14:29:28 +01:00
arc4.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
asn1parse.c Fix 1 byte overread in mbedtls_asn1_get_int() 2016-10-13 13:54:14 +01:00
asn1write.c Fix ASN1 bitstring writing 2019-02-11 21:10:48 +00:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-15 23:31:07 +02:00
bignum.c Remove a secret-dependent branch in Montgomery multiplication 2020-06-09 11:50:44 +02:00
blowfish.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
camellia.c Address user reported coverity issues. 2016-06-07 14:52:35 +01:00
ccm.c enforce input and output of ccm selftest on stack 2018-07-30 11:43:08 +03:00
certs.c Fix comment to match reality 2020-02-04 09:52:27 +01:00
cipher.c Remove redundant block_size validity check 2020-01-22 19:09:05 +01:00
cipher_wrap.c Fix after PR comments 2018-06-21 14:03:14 +03:00
cmac.c Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7 2018-06-27 11:11:34 +01:00
CMakeLists.txt Bump version to Mbed TLS 2.7.15 2020-04-08 17:22:51 +01:00
ctr_drbg.c Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted 2020-01-15 16:59:10 +00:00
debug.c Return from debugging functions if SSL context is unset 2018-08-23 14:57:39 +01:00
des.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
dhm.c Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted 2018-01-26 18:43:04 +00:00
ecdh.c Fix ecdh_get_params with mismatching group 2019-02-21 18:17:05 +01:00
ecdsa.c ECDSA: Fix side channel vulnerability 2019-10-25 09:01:34 +01:00
ecjpake.c Fix handling of md failure 2019-07-08 15:26:09 +02:00
ecp.c Fix leakage of projective coordinates in ECC 2020-04-01 11:28:08 +02:00
ecp_curves.c ECP: Add module and function level replacement options. 2017-05-11 22:42:14 +01:00
entropy.c Merge branch 'development' into development-restricted 2018-01-25 17:28:31 +00:00
entropy_poll.c Add missing bracket 2018-11-05 12:17:15 +00:00
error.c Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
gcm.c Merge remote-tracking branch 'upstream-public/pr/964' into development 2018-01-02 16:24:29 +01:00
havege.c Prevent building the HAVEGE module on platforms where it doesn't work 2019-07-05 11:33:10 +02:00
hmac_drbg.c HMAC_DRBG: support set_entropy_len() before seed() 2019-10-23 18:01:25 +02:00
Makefile Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
md.c Merge branch 'development' into development-restricted 2018-01-25 17:28:31 +00:00
md2.c MD: Make deprecated functions not inline 2018-02-22 08:20:42 +00:00
md4.c MD: Make deprecated functions not inline 2018-02-22 08:20:42 +00:00
md5.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
md_wrap.c New MD API: rename functions from _ext to _ret 2018-01-22 11:54:42 +01:00
memory_buffer_alloc.c Fix braces in mbedtls_memory_buffer_alloc_status() 2018-05-23 16:32:33 +01:00
net_sockets.c net_sockets: Fix typo in net_would_block() 2019-06-20 16:28:10 +01:00
oid.c pkcs5v2: add support for additional hmacSHA algorithms 2018-02-08 17:18:15 +08:00
padlock.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pem.c Merge remote-tracking branch 'upstream-public/pr/778' into mbedtls-2.7-proposed 2018-03-12 23:44:56 +01:00
pk.c Change PK module preprocessor check on word size 2017-08-04 13:32:15 +01:00
pk_wrap.c Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH 2018-03-30 18:43:16 +02:00
pkcs5.c Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C 2018-10-16 13:53:58 +01:00
pkcs11.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs12.c Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:53:50 +01:00
pkparse.c Fix pkparse bug wrt MBEDTLS_RSA_ALT 2020-02-18 11:27:08 +01:00
pkwrite.c Fix pk_write with an EC key to write a constant-length private value 2018-09-04 11:22:08 +02:00
platform.c Omit runtime configuration of calloc/free if macro config enabled 2018-10-11 11:10:14 +01:00
ripemd160.c MD: Make deprecated functions not inline 2018-02-22 08:20:42 +00:00
rsa.c Parse RSA parameters DP, DQ and QP from PKCS1 private keys 2020-01-29 13:13:04 -05:00
rsa_internal.c Add explicit type cast to avoid truncation warning 2018-01-03 09:27:40 +00:00
sha1.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha256.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha512.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
ssl_cache.c Address PR review comments 2017-10-29 17:53:52 +02:00
ssl_ciphersuites.c Reduce priority of 3DES ciphersuites 2019-02-13 09:52:46 +00:00
ssl_cli.c Merge remote-tracking branch 'restricted/pr/671' into mbedtls-2.7-restricted 2020-04-09 11:57:18 +02:00
ssl_cookie.c Fix resource leak when using mutex and ssl_cookie 2017-03-02 12:26:11 +00:00
ssl_srv.c Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
ssl_ticket.c Indentation fix 2018-10-26 10:08:29 +01:00
ssl_tls.c Fix bug in handling of DTLS client hard reconnect 2020-03-31 13:04:19 +02:00
threading.c Do not define and initialize global mutexes on configurations that do not use them. 2018-03-21 15:13:08 +00:00
timing.c timing: Remove redundant include file 2019-06-20 16:28:10 +01:00
version.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
version_features.c Reduce priority of 3DES ciphersuites 2019-02-13 09:52:46 +00:00
x509.c Correct comment on the configuration option in x509.c 2020-03-28 00:43:40 +00:00
x509_create.c Fix other occurrences of same bounds check issue 2015-10-21 12:50:45 +02:00
x509_crl.c Always return a high-level error code from X.509 module 2019-06-04 14:03:27 +01:00
x509_crt.c Guard from undefined behaviour in case of an INT_MAX max_pathlen 2020-04-17 11:30:21 +02:00
x509_csr.c Fix CSR parsing header call 2018-12-05 23:23:39 +00:00
x509write_crt.c Change size of preallocated buffer for pk_sign() calls 2019-06-06 13:06:46 +02:00
x509write_csr.c Add missing return code check on call to mbedtls_md() 2020-01-22 19:06:32 +01:00
xtea.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00